the grugq's newsletter

February 2, 2025

February 1-2, 2025


Today, I'm releasing the first version of a small web 🚀: https://t.co/WZMsLWpGEK

It provides IOCs and YARA rules collected semi-automatically from public blog posts and reports of almost 200 cybersecurity sites.

I hope it proves useful to some of you ... 🙏✨ #ThreatIntel pic.twitter.com/Xe75VxDruj

— Johannes Bader (@viql) January 30, 2025


uscope: A New Debugger and Introspection Toolchain

https://calabro.io/uscope

jcalabro/uscope: μscope 🔬



EarlyCascade : A PoC for Early Cascade process injection technique : https://t.co/smv6dlfXer credits @0xNinjaCyclone

Details :

Introducing Early Cascade Injection : https://t.co/p2sXSkHyCE pic.twitter.com/duype1HiJ3

— Binni Shah (@binitamshah) February 1, 2025


Russian spy ship fire exposes poor state of Mediterranean fleet, say experts https://t.co/FZNDBU6GTT

— Dr. Dan Lomas (@Sandbagger_01) February 1, 2025


🦀 Check out this collection of blog posts that cover Rust RE, CTF writeups and more. There's a lot of good stuff in here @cxiao__, appreciate the work! https://t.co/z9G2zjRPlp

— Hex-Rays SA (@HexRaysSA) January 31, 2025


Presenting his new book on Russian intel history, Nikolay Dolgopolov tells of his "writing" sessions with a 100-year-old Cheka veteran Boris Gudz who claimed that Grishka [Grigory Syroyezhkin] "bumped off" Sidney Reilly in the Sokolniki Park in Moscow. ⬇️ https://t.co/nNBbrVi3f7

— Filip Kovacevic (@ChekistMonitor) February 1, 2025

On Dolgopolov's writings in general, see my article "Nikolay Dolgopolov: The Storyteller of Soviet Intelligence History" published in Intelligence and National Security journal in 2020. https://t.co/hkMJGwvsTs

— Filip Kovacevic (@ChekistMonitor) February 1, 2025


New Blog Post: https://t.co/RXemRXnoNs
Tell you more about what I didn’t talk about at the #OBTS 7 @objective_see

— Mickey Jin (@patch1t) January 31, 2025


#SpyNews - week 5 (January 26-February 1):
A summary of 91 espionage-related stories from week 5 coming from 🇬🇧🇨🇳🇺🇸🇲🇽🇦🇫🇩🇪🇺🇦🇷🇺🇵🇱🇨🇿🇧🇾🇮🇱🇸🇪🇱🇻🇮🇪🇹🇷🇵🇭🇫🇷🇹🇼🇮🇷🇦🇿🇧🇪🇪🇪🇰🇷🇸🇦🇧🇬🇦🇲🇨🇦🇳🇱🇷🇴🇬🇪🇸🇾🇿🇦🇦🇹🇨🇭🇧🇷🇮🇹🇨🇱🇪🇬🇶🇦🇳🇴🇹🇭🇯🇵🇵🇰🇧🇩🇮🇳🇹🇹🇨🇩🇷🇼 https://t.co/pjDWm1m4mf #OSINT #HUMINT #SIGINT #spy #espionage

— Spy Collection (@SpyCollection1) February 2, 2025


Fake Game Hacks on YouTube Target Kids with Malware

Beware of fake game hacks! McAfee Labs warns about malware spread through YouTube videos offering cheats for popular games like #Minecraft, #Roblox, and #Fortnite. https://t.co/NpPhxYSR5Z

— Gray Hats (@the_yellow_fall) February 2, 2025


💡"The Normie guide to ordering highly illegal drugs on the Dark Internet in 2025"

Probably what happens to a lot of people to be honest. 😁

Link: http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad[.]onion/post/a6512fb501eaf85d29e1 pic.twitter.com/uy0dISwTTA

— Dark Web Informer - Cyber Threat Intelligence (@DarkWebInformer) February 2, 2025


CVE PoCs: Demonstrations for CVEs with detailed explanations and exploitation techniques. https://t.co/4eXjN7Bk1y

— Nicolas Krassas (@Dinosn) February 2, 2025


ReSym: Harnessing LLMs to Recover Variable and Data Structure Symbols from Stripped Binaries https://t.co/dYzepTTJ6U pic.twitter.com/x3pdqNO1U7

— Alex Plaskett (@alexjplaskett) February 2, 2025


HISAC - High Impact Security Analysis and Communication : Jai Minton

How to be a well rounded SOC/MDR/Cyber/Information Security Analyst.

I frequently get asked "what skills do I need to excel as an analyst", so I figure this is a good opportunity to shed some light on what analysis is, and why certifications alone won't make you a good analyst. https://t.co/EZf9MDdROX

— Jai Minton (@CyberRaiju) February 2, 2025


Why Canada's spies worry about Trump's national intelligence nominee https://t.co/1PsFAYwvIA

— Dr. Dan Lomas (@Sandbagger_01) February 2, 2025


Chained two 'meh' WordPress vulnerabilities into a high-impact exploit on JupiterX Core 👾. From low-privilege SVG upload to full RCE, check out the full breakdown and PoC 🛠️ #BugBounty #bugbountytips #WordPress #Cybersecurity https://t.co/q0WJiO2IY2

— Mat Rollings (@stealthcopter) February 1, 2025


Jailbreaking Generative AI - API Security

DeepSeek, a disruptive new AI model from China, has shaken the market, sparking both excitement and controversy. While it has gained attention for its


Everyone knows your location: tracking myself down through in-app ads https://t.co/R0UeVrayOj

— Nicolas Krassas (@Dinosn) February 1, 2025

https://www.reddit.com/r/netsec/comments/1if344u/everyone_knows_your_location_tracking_myself_down/

Everyone knows your location

How I tracked myself down using leaked location data in the in-app ads, and what I found along the way.


The bug @patch1t mentioned at the end of his blogpost (the one he couldn't share at OBTS) took Apple fixing 5 years!!

Look at the end of my blogpost from 2019: https://t.co/5qUXEWIaNJ

I kept reporting it for a few major versions and I eventually gave up at 15.0... https://t.co/5vIQm6UFme pic.twitter.com/wwIKrmTfxT

— Csaba Fitzl (@theevilbit) February 1, 2025


Last week we exploited a Race Condition in the Windows 7 (x86) Kernel. Now we pivot back into a more modern OS: Windows 11 (x64)! https://t.co/xOBbP7lnN7

— wetw0rk (@wetw0rk_bot) February 1, 2025

